CVE-ID

CVE-1999-0661

• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
19990607 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20050529)
Votes (Legacy)
ACCEPT(4) Baker, Hill, Northcutt, Wall
REVIEWING(1) Christey
Comments (Legacy)
 Christey> Should add the specific CERT advisory references for
   well-known Trojaned software.
   TCP Wrappers -> CERT:CA-1999-01
   CERT:CA-1999-02 includes util-linux
   wuarchive - CERT:CA-94.07
   IRC client - CERT:CA-1994-14
 Christey> BUGTRAQ:20020801 trojan horse in recent openssh (version 3.4 portable 1)
   Modify description to use dot notation.
 Christey> CERT:CA-2002-24
   URL:http://www.cert.org/advisories/CA-2002-24.html
   XF:openssh-backdoor(9763)
   URL:http://www.iss.net/security_center/static/9763.php
   BID:5374
   URL:http://www.securityfocus.com/bid/5374
 CHANGE> [Christey changed vote from NOOP to REVIEWING]
 Christey> Add libpcap and tcpdump:
   BUGTRAQ:20021113 Latest libpcap & tcpdump sources from tcpdump.org contain a trojan
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103722456708471&w=2
   CERT:CA-2002-30
   URL:http://www.cert.org/advisories/CA-2002-30.html
   
   This CAN has been active for over 4 years.  At this moment, my
   thinking is that we should SPLIT this CAN into each separate
   trojaned product, then create some criteria that restrict
   creation of new CANs to "widespread" or "important" products only.

Proposed (Legacy)
19990804
This is an entry on the CVE list, which standardizes names for security problems.